Cloning Zones

Installing a zone in OpenSolaris requires a network connection and some patience as a little over 70MB of data is downloaded. Fortunately, after you've got the first zone installed, future zones can be cloned. This is not only quicker than an IPS install but it's also a much more efficient use of disk space. In addition, if you've customized a zone with additional software (or less software), that will also come along with your clone.

The 4 step creation process is almost identical to before. Instead of create, install, boot and configure - we have now have create, clone, boot and configure.

Obviously before we begin you must already have a zone. I'm going to be using the zone, myzone, I created from the Zones and Crossbow entry. I'll call the new zone myzoneclone.

Step 1: Create the Zone

Here's my configuration file for the new zone, with the differences highlighted in bold:

bleonard@opensolaris:~$ cat myzoneclone.config 
create
set zonepath=/zones/myzoneclone	
set ip-type=exclusive	
add net
set physical=myzoneclone0
end

Note the ip-type is exclusive. myzoneclone0 is a VNIC, which I need to create before creating the zone:

pfexec dladm create-vnic -l e1000g0 myzoneclone0

Now create the zone:

pfexec zonecfg -z myzoneclone -f myzoneclone.config

Step 2: Clone the Zone

Instead of installing from IPS, we'll clone the existing myzone, which only takes a couple of seconds:

bleonard@opensolaris:~$ pfexec zoneadm -z myzoneclone clone myzone
sys-unconfig started Thu Jul 16 15:25:10 2009
rm: cannot remove `/zones/myzoneclone/root/etc/vfstab.sys-u': No such file or directory
grep: /zones/myzoneclone/root/etc/dumpadm.conf: No such file or directory
sys-unconfig completed Thu Jul 16 15:25:10 2009

You can safely ignore the warnings from sys-unconfig. You see the zone is installed:

bleonard@opensolaris:~$ zoneadm list -cv
  ID NAME             STATUS     PATH                           BRAND    IP    
   0 global           running    /                              native   shared
   - myzone           installed  /zones/myzone                  ipkg     excl
   - myzoneclone      installed  /zones/myzoneclone             ipkg     excl  

Step 3 & 4: Boot & Configure

These 2 steps are identical to before. First we create a sysidcfg file. Again, I've highlighted the differences from myzone in bold:

bleonard@opensolaris:~$ cat sysidcfg
system_locale=C
terminal=xterms
network_interface=myzoneclone0 {
	hostname=myzone
	ip_address=10.0.1.26
	netmask=255.255.255.0
	default_route=NONE
 	protocol_ipv6=no}
security_policy=none
name_service=NONE
nfs4_domain=dynamic
timezone=US/Eastern
root_password=fto/dU8MKwQRI

Ready the zone:

pfexec zoneadm -z myzoneclone ready 

Copy the sysidcfg file to the zone:

pfexec cp sysidcfg /zones/myzoneclone/root/etc/.

Log into the Zone:

bleonard@opensolaris:~$ pfexec zlogin -C myzoneclone
[Connected to zone 'myzoneclone' console]

In another terminal window, boot the zone:

pfexec zoneadm -z myzoneclone boot

Then back in the first terminal you can log into the zone after it completes configuration. If you used the root_password from above it's abc123:

[NOTICE: Zone booting up]


SunOS Release 5.11 Version snv_111b 64-bit
Copyright 1983-2009 Sun Microsystems, Inc.  All rights reserved.
Use is subject to license terms.
Hostname: myzoneclone
Reading ZFS config: done.
Mounting ZFS filesystems: (5/5)
 network_interface=myzoneclone0 {
myzoneclone0 is not a valid network interface  line 3 position 19
Creating new rsa public/private host key pair
Creating new dsa public/private host key pair
Configuring network interface addresses: myzoneclone0.

myzone console login: root
Password: 
Jul 16 15:52:39 myzone login: ROOT LOGIN /dev/console
Last login: Thu Jul 16 14:41:03 on console
Sun Microsystems Inc.   SunOS 5.11      snv_111b        November 2008
root@myzone:~#

One nice point to note about the cloned zone is that it's a ZFS clone. As such, a snapshot was taken of myzone and then used as the basis for myzoneclone. Therefore, myzoneclone only consumes space where it differs from the snapshot of myzone:

bleonard@opensolaris:~$ zfs list -t all
NAME                                                        USED  AVAIL  REFER  MOUNTPOINT
rpool                                                       112G  34.3G    76K  /rpool
rpool/ROOT                                                 14.2G  34.3G    18K  legacy
rpool/ROOT/opensolaris                                     66.0M  34.3G  7.02G  /
rpool/dump                                                 1.43G  34.3G  1.43G  -
rpool/export                                               43.6G  34.3G    19K  /export
rpool/export/home                                          43.6G  34.3G  40.1G  /export/home
rpool/swap                                                 1.43G  35.6G   212M  -
rpool/zones                                                 142M  34.3G    21K  /zones
rpool/zones/myzone                                          139M  34.3G    22K  /zones/myzone
rpool/zones/myzone/ROOT                                     139M  34.3G    19K  legacy
rpool/zones/myzone/ROOT/zbe                                 139M  34.3G   139M  legacy
rpool/zones/myzone/ROOT/zbe@myzoneclone_snap                   0      -   139M  -
rpool/zones/myzoneclone                                    2.17M  34.3G    22K  /zones/myzoneclone
rpool/zones/myzoneclone/ROOT                               2.15M  34.3G    19K  legacy
rpool/zones/myzoneclone/ROOT/zbe                           2.13M  34.3G   140M  legacy

Note that myzone is using 139M but myzoneclone is only consuming 2MB. Therefore, cloning zones is a very efficient way to create zones on the system.

Note, to remove the zone you still use uninstall:

bleonard@opensolaris:~$ pfexec zoneadm -z myzoneclone halt
bleonard@opensolaris:~$ pfexec zoneadm -z myzoneclone uninstall
Are you sure you want to uninstall zone myzoneclone (y/[n])? y
Comments:

I see in your output the following:

myzoneclone0 is not a valid network interface line 3 position 19

I am getting this same error and on boot the system still goes through all of the sys config steps.

Did you also have this problem?

Regards,
Sean
====

Posted by Sean O'Dell on December 03, 2009 at 08:59 AM GMT #

Hi Sean,

Are you saying that every time you boot the zone it's going through sysidcfg? If so, I've never seen that before. I always see the "not a valid network interface" message, but it's never caused a problem for me (the network interface is fully functional on boot).

/Brian

Posted by Brian Leonard on December 03, 2009 at 11:00 AM GMT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

The Observatory is a blog for users of Oracle Solaris. Tune in here for tips, tricks and more as we explore the Solaris operating system from Oracle.

Connect with Oracle Solaris:


Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today